[Suit] FYI: National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems
Dick Brooks <dick@reliableenergyanalytics.com> Thu, 29 July 2021 12:40 UTC
Return-Path: <dick@reliableenergyanalytics.com>
X-Original-To: suit@ietfa.amsl.com
Delivered-To: suit@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49DCE3A217F for <suit@ietfa.amsl.com>; Thu, 29 Jul 2021 05:40:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=messagingengine.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HGEY6zp_9k5U for <suit@ietfa.amsl.com>; Thu, 29 Jul 2021 05:40:03 -0700 (PDT)
Received: from forward4-smtp.messagingengine.com (forward4-smtp.messagingengine.com [66.111.4.238]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3FDF03A219A for <suit@ietf.org>; Thu, 29 Jul 2021 05:40:03 -0700 (PDT)
Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailforward.nyi.internal (Postfix) with ESMTP id 6F8F31940885 for <suit@ietf.org>; Thu, 29 Jul 2021 08:40:00 -0400 (EDT)
Received: from mailfrontend2 ([10.202.2.163]) by compute6.internal (MEProxy); Thu, 29 Jul 2021 08:40:00 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:message-id:mime-version:reply-to:subject:to :x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm3; bh=XS4VCC/X093zOnXeON5yU0o0p0Ry0OkE/WpLiFDuVhs=; b=E5SmHFmd BsC20pM6q/VvskQfk9Mjk7K5gI1IvKz7GwpSJWXjqB1QilRu+8f6iopBK469e8ER c4B+GYweXVgP3vTqcHJvsCN+xCH3R4APh4KWpNKfJij6+sIwgJwMsLBjYObXLLWi ju0bLJZS+vUGsdY7A/RFUHyY++9nW2E86Y+4rKS/8WN5jyhQuJ5fUlwchCCI6GZf DKg4A0KPpqRCkid+TrQiK0vt4YE4Cn6fkajffkHRhENqaVHUaC7lWOrAHOPMtf0c VzTyxlmmKkfEMkr1b1wsn6GieKlUupkhBLGNGfMAJ/N/i4o3aEsTAi86R+F7s/1a JAsz65CFJJLyPA==
X-ME-Sender: <xms:oKECYdvjmxaty27OkY49yEg54zueKgJ3roRRAyzz6J8DeSBC0T49Ug> <xme:oKECYWfi8O5fGiTRJKCLff1jMlZhYIWkYM7Ehm5oHEmHR_wD5CIsWFRBZdlSfG9Mp f-toqWcAMmMZcLW3Q>
X-ME-Received: <xmr:oKECYQxITSglH8h5tApPLg7P8-uh1R5rZrmBmTAn1o4QLktbx4vnsSk>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvtddrheefgdduiecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecufghrlhcuvffnffculddqhedmnecujfgurheprhfhvf fuffhokfggtgfgofhtsehtqhhgtddvtdejnecuhfhrohhmpedfffhitghkuceurhhoohhk shdfuceoughitghksehrvghlihgrsghlvggvnhgvrhhghigrnhgrlhihthhitghsrdgtoh hmqeenucggtffrrghtthgvrhhnpeduhedvfeejffeuvdegffeigfduhfeujeejfedvieej tdfgudeltdfgleevfefhfeenucffohhmrghinhepvghnvghrghihtggvnhhtrhgrlhdrtg homhdpfihhihhtvghhohhushgvrdhgohhvpdhrvghlihgrsghlvggvnhgvrhhghigrnhgr lhihthhitghsrdgtohhmnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrg hilhhfrhhomhepughitghksehrvghlihgrsghlvggvnhgvrhhghigrnhgrlhihthhitghs rdgtohhm
X-ME-Proxy: <xmx:oKECYUPhla9gEicZ2lvPEM4aNJ8eelHLhkhDplhk7X1UK-6HqCvqtw> <xmx:oKECYd_fOmvhNpypxjonel0t0mfiCUQAN0801Vjb1tN5aKoJ7plQLg> <xmx:oKECYUVIrtFJrR2pimqpZSfYPmNFGqXu0rddOl7_V7Bn-1qZGH4T8Q> <xmx:oKECYQLPlDy0wn3STpO_q9FEJiph5Dr6WxqgMVzObY3cyKNp45tGrQ>
Received: by mail.messagingengine.com (Postfix) with ESMTPA for <suit@ietf.org>; Thu, 29 Jul 2021 08:39:59 -0400 (EDT)
Reply-To: dick@reliableenergyanalytics.com
From: Dick Brooks <dick@reliableenergyanalytics.com>
To: 'suit' <suit@ietf.org>
Date: Thu, 29 Jul 2021 08:39:56 -0400
Organization: Reliable Energy Analytics LLC
Message-ID: <00cb01d78476$d9043d20$8b0cb760$@reliableenergyanalytics.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdeEdin2Jj/W5rwyRZKRwokoLq+OKg==
Content-Language: en-us
Archived-At: <https://mailarchive.ietf.org/arch/msg/suit/TGRb8QUVKGZb-uIUz46PzfvT1Vw>
Subject: [Suit] FYI: National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems
X-BeenThere: suit@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Software Updates for Internet of Things <suit.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/suit>, <mailto:suit-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/suit/>
List-Post: <mailto:suit@ietf.org>
List-Help: <mailto:suit-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/suit>, <mailto:suit-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Jul 2021 12:40:16 -0000
Yesterday, President Biden issued a memorandum titled: National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems Link, with commentary: https://energycentral.com/c/pip/national-security-memorandum-improving-cybersecurity-critical-infrastructure Link with NO Commentary: https://www.whitehouse.gov/briefing-room/statements-releases/2021/07/28/national-security-memorandum-on-improving-cybersecurity-for-critical-infrastructure-control-systems/ Thanks, Dick Brooks Never trust software, always verify and report! ™ http://www.reliableenergyanalytics.com Email: dick@reliableenergyanalytics.com Tel: +1 978-696-1788 -----Original Message----- From: Suit <suit-bounces@ietf.org> On Behalf Of Michael Richardson Sent: Saturday, July 24, 2021 3:08 PM To: suit <suit@ietf.org> Subject: Re: [Suit] SUIT rechartering: proposed text Dave Thaler <dthaler=40microsoft.com@dmarc.ietf.org> wrote: >> I can think of ways to securely report firmware update status that do >> not involve attesting, but if you do attesting (b), then you definitely >> do (a), right? > You can attest to current state without attesting to the errors that > happened the last time you tried to install something. I agree. So (a) involves providing feedback on failed attempts to upgrade. > (If the errors happened during boot then they may be reported, but > post-boot install errors might not be.) > And as you mentioned, you can report status (and errors) without attesting. > So I think they're complementary items that will often but not always > be used together. I understand now. -- Michael Richardson <mcr+IETF@sandelman.ca> . o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide